description | title | ms.custom | ms.date | ms.service | ms.reviewer | ms.suite | ms.topic |
---|---|---|---|---|---|---|---|
Learn more about: SSO Deployment Overview |
SSO Deployment Overview |
06/08/2017 |
biztalk-server |
article |
The system in this example is deployed over three domains, containing the following computers:
Domain ORCH.com
-
ORCH domain controller
-
HIS1, the HISSO server
-
HIS2, the Master Secret Server
-
HIS3, the Admin database
Domain SQL.com
-
SQL domain controller
-
SQL2, the SSO database
Domain HIS.com
-
HIS domain controller
-
HIS4 database
The key points defining this deployment are as follows:
-
Domain ORCH.com and domain SQL.com have a two-way selective trust relationship.
-
Domain ORCH.com is configured as native [!INCLUDEbtsWinSvr2k8] or [!INCLUDEbtsWinSvr2k8R2] functional level.
-
All SSO services are running on an ORCH.com domain user account (Orch\SSOSvcUser). The user is configured to have access permission on the SQL2 machine in the SQL.com domain. The user is configured for protocol transition and constrain delegation within the ORCH.com domain.
-
Another ORCH.com domain user (Orch\TestAppUser) is set for running test programs. This user is also configured for protocol transition and constrain delegation.